package cn.edu.csmzxy.rk233x.auth_system.controller;

import cn.edu.csmzxy.rk233x.auth_system.dto.ResultDTO;
import cn.edu.csmzxy.rk233x.auth_system.dto.RolePermissionDTO;
import cn.edu.csmzxy.rk233x.auth_system.entity.SysPermission;
import cn.edu.csmzxy.rk233x.auth_system.service.SysRolePermissionService;
import io.swagger.v3.oas.annotations.Operation;
import io.swagger.v3.oas.annotations.Parameter;
import io.swagger.v3.oas.annotations.security.SecurityRequirement;
import io.swagger.v3.oas.annotations.tags.Tag;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.*;

import jakarta.annotation.Resource;
import jakarta.validation.Valid;
import java.util.List;

/**
 * @author wumxing
 * @date 2025/10/15 17:04
 * @description 角色-权限关联管理接口
 */

@Tag(name = "角色-权限关联接口", description = "角色权限分配")
@RestController
@RequestMapping("/api/sys/role-permission")
@SecurityRequirement(name = "JWT")
public class SysRolePermissionController {

    @Resource
    private SysRolePermissionService sysRolePermissionService;

    @Operation(summary = "查询角色已分配权限", description = "需要role:permission:query权限")
    @PreAuthorize("hasAuthority('role:permission:query')")
    @GetMapping("/role/{roleId}")
    public ResultDTO<List<SysPermission>> getPermissionsByRoleId(
            @Parameter(description = "角色ID") @PathVariable Long roleId) {
        return ResultDTO.success(sysRolePermissionService.getPermissionsByRoleId(roleId));
    }

    @Operation(summary = "分配角色权限", description = "需要role:permission:assign权限")
    @PreAuthorize("hasAuthority('role:permission:assign')")
    @PostMapping("/assign")
    public ResultDTO<?> assignPermissions(@Valid @RequestBody RolePermissionDTO rolePermissionDTO) {
        sysRolePermissionService.assignPermissions(rolePermissionDTO.getRoleId(), rolePermissionDTO.getPermissionIds());
        return ResultDTO.success("权限分配成功");
    }
}
